From 00ddeb07d873edecec776b1e171116dd5a53b12a Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Thu, 7 Jun 2018 15:56:37 -0700
Subject: [PATCH] Resolves issue with reassembling large certificates. The
 `ProcessPeerCerts` function was using the wrong max size check for certs.
 Built and test with `./configure CFLAGS="-DMAX_CERTIFICATE_SZ=20000"`.

---
 src/internal.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/internal.c b/src/internal.c
index d47316f25..716cd3a46 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -8276,7 +8276,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
             }
             c24to32(input + args->idx, &listSz);
             args->idx += OPAQUE24_LEN;
-            if (listSz > MAX_RECORD_SIZE) {
+            if (listSz > MAX_CERTIFICATE_SZ) {
                 ERROR_OUT(BUFFER_ERROR, exit_ppc);
             }
             if ((args->idx - args->begin) + listSz != totalSz) {